It's that time of the year again; that time of the year where news outlets get to indulge in sensationalist headlines about how Mac OS X got hacked in twenty seconds. Yes, CanSecWest just held its Pwn2Own contest again, and they fell like drunk 16-year-olds this time (don't read too much into that one, please).

There have been some great quotes from modern Mac Warriors. The ex CEO of Omni Wil Shipley had a poin of view about hacking security and privacy that essentially came down to being proud of the work you do and putting a lot of pride in it but do not expect that some new kids are not going to come over the hill and torch all that you did to secure your app (he was talking about serial numbers and SW piracy...) and he was right. We all might bee good or clever or some combo of both in a team. And our Opposing Force will be just a proud and clever when they hack or [K]rack or serve us old-heads. That is the only way that progress gets made.
I did a seminar a few years back with Jon Wolf Rentzch about code injections and fuzzing. I understood about half of it 3 years ago and I have picked up on half of what I didn't know since then. It is one thing to think that this-patch or that-patch will fix anything.
At least with the Unixes and the Mac we do not have obvious WTF 'features' like exec bits set on tmp folders and - - Ooops by default we do have a lot of holes.
Hell unix used to be full of holes in the 70s and 80s and Microsoft used to be much worse. Someday it will be these guys bitching about 2014s new 0-day exploit